Messages

Seriously how would you expect this feature to be implemented? A whois lookup for every packet is of course out of the question. Regular AS database updates? From which source?

whois -h whois.radb.net -- '-i origin AS714' | awk '/^route:/ {print $2}' > ip table alias

There is a working image gor freebsd and opnsense for NanoPi R2S as since the rtl drivers were recently merged in freebsd.


https://personalbsd.org/images/OPNsense-21.1-OpenSSL-aarch64-NanoPi-R2S-20210612.img.xz.

Please donate to sergey for all his effort at personalbsd.org
Feel free to join telegram chat for opnsense on arm @personalbsd
Thanks.

Nice! Thanks for the link.

They only affect the displaying of the core performance boost. The core performance boost will work the same without them (but it will display 1000 even when it's at 1400).

Okay, so it's not throttling. Thanks for checking.

Could you check what frequency it's at while you're doing the test. It seems I was able to keep mine clocked at 1400 by placing additional heatsinks on the case.
(I don't really do speed tests myself however, my system performs fine at 1400 with good temperatures.)
Add:

Code Select Expand


hint.p4tcc.0.disabled=1
hint.acpi_throttle.0.disabled=1
hint.acpi_perf.0.disabled=1
To:

Code Select Expand


boot/loader.conf.local
And run:

Code Select Expand


sysctl dev.cpu.0
To see if the frequency drops.

Code Select Expand


dev.cpu.0.freq_levels: 1400/-1 1200/-1 1000/-1
dev.cpu.0.freq: 1400

Anyone seeing the "loading" on the Rules tab and it never goes away?

I was going to say: "yes now that you mentioned it". But it finished loading after I logged in, that took a while.

Yep, same for me, also migrated (no checklists, no tests, sorry it just works). I am seeing slightly lower load average, much higher memory usage. Coreboot is v4.12.0.3.

NTP is port 123

I don't know about the FreeBSD image (I will wait for a working OPNsense image, not a developer), but armbian and friendlywrt both worked for me. R2S support will get merged into openwrt, so you won't need friendlywrt anymore.

whois -h whois.radb.net -- '-i origin AS32934' | awk '/^route:/ {print $2}' | xargs pfctl -t facebook_networks -T replace

How would this command look if I wanted to output multiple ASN's to the same table?


Edit: Never mind, found a working solution.

If a machine that is properly configured by default is the idea here, I'm all for it. It does seem to need some clarity somewhere in the GUI around why some rules are pre-selected to be enabled or disabled, some are drop actions, some alert. It takes a lot of time to know every rule so most users have to resort to trust in developers anyway. Macros that enable/disable pre-selected advisable rules would be useful and this does fit into the simplicity philosophy.

This is hardware chaining heaven. Looking forward to messing with this.

That's odd I had no trouble installing on an APU2. Maybe try with updated firmware or a different drive? https://pcengines.github.io/#mr-32

The new one looks very interesting considering the price. Does it have an issue with heatsink installation as it says in the review on the site? I would rather not order it if I have to solder.

Thanks.

Yes, and no IPv6 support.